HTTP Error 401.2 - Unauthorized. You are not authorized to view this page due to invalid authentication headers. RRS feed

  • Question

  • User1377211471 posted

    I am getting the below error message in my windows 2008 server when I am trying to browse the default website in the local server. Anonymous auth is disabled. Windows auth is enabled.


    Error Summary

    HTTP Error 401.2 - Unauthorized

    You are not authorized to view this page due to invalid authentication headers.


    <FIELDSET><LEGEND>Detailed Error Information</LEGEND>
    Module IIS Web Core
    Notification AuthenticateRequest
    Handler StaticFile
    Error Code 0x80070005
    Requested URL http://localhost:80/
    Physical Path C:\inetpub\wwwroot
    Logon Method Not yet determined
    Logon User Not yet determined
    Failed Request Tracing Log Directory C:\inetpub\logs\FailedReqLogFiles
    <FIELDSET><LEGEND>Most likely causes:</LEGEND>
    • No authentication protocol (including anonymous) is selected in IIS.
    • Only integrated authentication is enabled, and a client browser was used that does not support integrated authentication.
    • Integrated authentication is enabled and the request was sent through a proxy that changed the authentication headers before they reach the Web server.
    • The Web server is not configured for anonymous access and a required authorization header was not received.
    • The "configuration/system.webServer/authorization" configuration section may be explicitly denying the user access.
    <FIELDSET><LEGEND>Things you can try:</LEGEND>
    • Verify the authentication setting for the resource and then try requesting the resource using that authentication method.
    • Verify that the client browser supports Integrated authentication.
    • Verify that the request is not going through a proxy when Integrated authentication is used.
    • Verify that the user is not explicitly denied access in the "configuration/system.webServer/authorization" configuration section.
    • Create a tracing rule to track failed requests for this HTTP status code. For more information about creating a tracing rule for failed requests, click here.
    <FIELDSET><LEGEND>Links and More Information</LEGEND>This error occurs when the WWW-Authenticate header sent to the Web server is not supported by the server configuration. Check the authentication method for the resource, and verify which authentication method the client used. The error occurs when the authentication methods are different. To determine which type of authentication the client is using, check the authentication settings for the client.

    View more information »

    Microsoft Knowledge Base Articles:



    Ther are no webproxy, IE7 is enable for local intranet connection.

    Tuesday, December 16, 2008 10:44 PM

All replies

  • User157784788 posted

    Can you try steps from this KB http://support.microsoft.com/kb/942043/

    Try Step 2:

    Step 2: Add the Integrated Windows authentication native module in IIS Manager

    <script type=text/javascript> loadTOCNode(3, 'resolution'); </script>
    1. Click Start, type Inetmgr in the Start Search box, and then click Inetmgr in the Programs list.
      If you are prompted for an administrator password or for a confirmation, type the password, or click Continue.
    2. In the Connections pane, expand the computer that is running IIS 7.0, expand Web Sites, and then click Default Web Site.
    3. On the Default Web Site Home page, double-click Modules.
    4. In the Actions pane, click Add Native Module.
    5. In the Add Native Module dialog box, click to select the WindowsAuthenticationModule check box, and then click OK.


    ~ Ganesh

    Tuesday, December 16, 2008 11:39 PM
  • User1377211471 posted

    There are 2 modules related to windows authentication.

    1. windowsauthentication, this is a managed module type, entry type inherited.

    2. windowsauthenticationmodule, this is a native module, entry type is inherited.

    The above modules are already in, but still getting the same error message. Any other suggestions.

    Wednesday, December 17, 2008 1:16 AM
  • User1377211471 posted

    When I enable the basic authentication, its prompting for username and password, if I supply the username and password then I can view the webpage, but its not working for windows authentication.

    Wednesday, December 17, 2008 2:20 AM
  • User42165818 posted

    Some time your IE is set to logon anoyninous in IE Security settings kindly chnage that to inherit or change it to prompt for login credential.

    Hope it helped.




    Saturday, May 9, 2009 6:35 PM
  • User1715046544 posted

    sorry to bing up this old thread, I'm having this same issue, but trying to use this solution, I don't have the option to "Add Native Module"

    I only have: "Add Managed Module" or "Configure Native Module"

    I already have listed the managed WindowsAuthentication but, I don't have WindowsAuthenticationModule on the list... how can I add it?


     PS: I'm using WS2008 64bits with IIS7

    Monday, August 10, 2009 4:10 PM
  • User-47214744 posted

    Could you double check if Windows Authentication is installed. You can use Server Manager and see in the Web Server role and make sure the Windows Authentication feature is installed.

    Monday, August 10, 2009 4:58 PM
  • User1715046544 posted

    Yes, windows authentication is installed (basic, digest, client certificate mapping, and IIS Client Certificate Mapping authorization methots are not installed)


    Tuesday, August 11, 2009 8:27 AM
  • User-1695231568 posted

    Hi, All,

    I am also experiencing this issue.  I do not have Windows Auth enabled (but I don't want it because we use Forms Auth in my app).  I have anonymous, ASP.Net impersonation, and Forms Auth enabled.  The rest are disabled.

    My site was working yesterday, but I had to reboot and now I'm getting this error.

    (Sorry to resurrect a thread that's a few months old...please feel free to create a new thread of this if it's more appropriate to do so.)  :-)

    Thanks in advance!



    Thursday, December 17, 2009 6:27 AM
  • User16931212 posted

    For future readers:


    Enabling both "anonymous" and "windows authentication" will result in "blank" windowsidentity values.

    Saturday, August 8, 2015 2:51 AM